Cyber attack on Mexico campaign site triggers election nerves

MEXICO CITY (Reuters) - The website of a Mexican political opposition party was hit by a cyber attack during Tuesday’s final television debate between presidential candidates ahead of the July 1 vote, after the site had published documents critical of the leading candidate.

FILE PHOTO: Ricardo Anaya of the National Action Party (PAN), Andres Manuel Lopez Obrador of the National Regeneration Movement (MORENA), Jose Antonio Meade of the Institutional Revolutionary Party (PRI) and independent candidate Jaime Rodriguez Calderon pose for a photo at their third and final debate in Merida, Mexico in this June 12, 2018 handout released to Reuters by the National Electoral Institute (INE). National Electoral Institute/Handout via REUTERS

The National Action Party (PAN) said that its website, targeting front-runner Andres Manuel Lopez Obrador, likely suffered a distributed denial of service (DDoS) cyber attack with the bulk of traffic to the site nominally coming from Russia and China.

Lopez Obrador’s Morena party said it had nothing to do with the outage. The Chinese and Russian embassies in Mexico did not immediately respond to requests for comment. Reuters could not confirm the PAN’s account of the attack.

Although there have been no clear signs of foreign meddling in Mexican campaigns, a U.S. probe into possible Russian interference in the 2016 U.S. election has made Mexicans watchful for possible foreign virtual attacks that could muddy the country’s biggest-ever election.

However, the countries where the traffic to the PAN site were generated could be entirely unrelated to the true source and the attack could be intended to create confusion, cyber security experts said.

Cyber experts said they did not know who was behind the attack, but pointed out that it could have been done by hackers for hire working on behalf of somebody looking to prevent people from accessing the PAN website.

“These could be third-parties offering services-for-hire, proxies or a politically motivated group,” said Carles Lopez-Penalver, an analyst at cyber security firm Flashpoint.

Barrett Lyon, a security solutions executive at U.S. telecommunications firm Neustar, agreed, saying the computers in Russia and China that apparently generated the visits could have been hacked.

The site crashed during Tuesday’s televised presidential debate, the PAN said, shortly after its candidate Ricardo Anaya brandished a black-and-white placard with the site address. It remained down for hours.

The coalition leader, second in most polls, said the site would offer evidence that Lopez Obrador had awarded contracts without public tenders when he was Mexico City mayor. Lopez Obrador denied any wrongdoing.

“On this website, 185,000 visits were registered within 15 minutes, with the attacks coming mainly from Russia and China,” PAN said in a statement, citing information from web security firm Cloudflare and Google Analytics.

Cloudflare said in a statement that its clients can typically access data showing the locations of site visitors, but declined to comment on Tuesday’s incident.

The PAN’s secretary, Damian Zepeda, suggested Lopez Obrador, known as AMLO, was behind the attack using fake “robot” accounts.

“The AMLO bots have been activated to try to crash the page debate2018.mx where there are proofs of contracts worth millions given to AMLO’s friend,” Zepeda wrote on Twitter.